Threat Level: green Handler on Duty: Pedro Bueno

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Its summer...Do you know what your kids are doing?

Published: 2009-05-29
Last Updated: 2009-05-29 20:39:36 UTC
by Lorna Hutcheson (Version: 1)
4 comment(s)

School is over or about to be over for many kids.  With that comes many families whose parents work and kids will be left at home to relax and enjoy their summer vacation.    This means alot of free time and an internet out there just waiting to be explored.  Everyone is aware of the need to keep your kids safe while on the internet.  But in some cases, there is a need to keep the internet and others safe from your kids.  Let me explain that last comment.  Kids with too much time on their hands get into trouble.  You hear about it all the time on the news with kids getting into trouble with things such as vandalism, stealing,etc.  What about kids getting into trouble on the internet? 

Do a google search on the phrase "teenage hacker" and see what comes up.  Kids are curious and learn fast.  The internet can become a playground for them to explore and test out cool new programs and tools they find on the internet or write themselves.  Chat rooms are available where kids can learn many things from others and want to try them for themselves.  They can also get pulled into the "wrong crowd" on the internet and get in way over their heads fast.  They may not even see anything wrong with it, its just computers after all. 

Most of the filtering technology today focuses on web traffic.  What are your kids looking at on the web.  That is a good thing, but there are many other ports and protocols available and nothing watching them.  Would you know if your child was running a botnet?  Stealing credit card numbers?  Hacking into websites?  Its not a game and there are real consequences to it, even sometimes when the intent may have been to do good. Here are some recent examples:

"Nineteen-year-old Dmitriy Guzner from New Jersey was part of an underground hacking group named 'Anonymous' that targeted the church with several attacks. He could face ten years in prison on computer hacking charges and is due to be sentenced on August 24."  http://www.securecomputing.net.au/News/144850,teenage-hacker-pleads-guilty-to-church-of-scientology-cyber-attacks.aspx

"Twitter has announced a review into four worm attacks on the site as a teenage hacker admits he could be jailed for his role in the stunt."  http://news.sky.com/skynews/Home/Technology/Twitter-Worm-Attack-Biz-Stone-Announces-Review-As-Teenage-Hacker-Michael-Mooney-Speaks-Out/Article/200904215261579

"A teenage hacker whose campaign to expose holes in Internet security sparked an FBI investigation was being sentenced in court today."  http://www.independent.co.uk/news/business/news/teenage-hacker-to-be-sentenced-for-internet-crusade-676871.html

 

As parents, we need to also talk to our kids about the other dangers that are on the internet.  Dangers such as hacking, virus making, botnet creation, stealing, etc.  You may think your child is doing nothing but sitting on a computer playing.  But keep in mind that a computer on the internet is a portal to a whole 'nother world. 

Keywords:
4 comment(s)

VMWare Patches Released

Published: 2009-05-29
Last Updated: 2009-05-29 14:25:20 UTC
by Lorna Hutcheson (Version: 1)
0 comment(s)

Patches were released yesterday to fix a DoS vulnerability and potential arbitrary code execution.  Here are the two vulnerabilities:

1.  VMWare Descheduled Time Accounting driver:

The issue affects the VMWare Descheduled Time Accounting driver and can cause a denial of service in Windows based virtual machines on the vulnerable versions.   This driver is an optional (non-
default) part of the VMware Tools installation.  However, if the following conditions are met and their tools are not upgraded, virtual machines that are migrated from vulnerable releases are still vulnerable if the following three conditions exist:

- The virtual machine is running a Windows operating system.

- The VMware Descheduled Time Accounting driver is installed
in the virtual machine.

- The VMware Descheduled Time Accounting Service is not running
in the virtual machine
 

2.  libpng package for the ESX 2.5.5 Service Console

The libpng package is used for creating and manipulating PNG (Portable Network Graphics) image format files.  A crafted PNG file loaded by an application and linked against libpng could cause the application to crash or to allow arbitrary code execution that would run with the priveleges of the user that is using the application. 

Another flaw addresses PNG images that contain "unknown" chunks.  If an application linked against libpng
attempted to process a malformed, unknown chunk in a malicious PNG image, it could cause the application to crash.

 



 

0 comment(s)

Blackberry Server Vulnerability

Published: 2009-05-29
Last Updated: 2009-05-29 13:48:20 UTC
by Lorna Hutcheson (Version: 1)
0 comment(s)

For all of you running around with a Blackberry, be careful of opening .pdf files.  A vulnerability announced on Tuesday allows for specially crafted .pdf files when opened on your blackberry to potentially  "cause memory corruption and possibly lead to arbitrary code execution on the computer that hosts the BlackBerry Attachment Service."  If you have not done so, please make sure your servers are patched. The versions afftected are:

  • BlackBerry® Enterprise Server software version 4.1 Service Pack 3 (4.1.3) through 5.0
  • BlackBerry® Professional Software 4.1 Service Pack 4 (4.1.4)

If anyone has gotten or gets a malicious .pdf, please send us a copy.

0 comment(s)
Diary Archives